The recent Bybit platform hack, resulting in the theft of over $1.4 billion in Ethereum, has sparked widespread public debate. Former Binance CEO, Changpeng Zhao (CZ), openly criticized Safe{Wallet}'s report, calling it vague and incomplete.
The Attack Unveiled: How It Happened
Safe{Wallet} stated that the North Korean Lazarus Group orchestrated the attack. The hackers compromised a Safe developer's machine, injected malicious JavaScript into SafeWallet's AWS infrastructure, and tricked Bybit's signers into approving a fraudulent transaction. The issue stemmed from developer vulnerabilities, not Safe's smart contracts or frontend.
CZ's Criticism: Unanswered Questions
CZ questioned many aspects of the Safe report, alleging key details were overlooked: how the developer's machine was accessed, how it interacted with Bybit's account, and whether Ledger functions were bypassed. He also asked why Bybit's wallet was targeted given its large holdings and what lessons could be learned by multi-signature wallet providers. He stressed the need for greater transparency and more robust security protocols.
Safe's Response and Future Steps
Martin Köppelmann, co-founder of the Gnosis network, clarified that the interface was altered to mislead Bybit, but the Safe code itself remained untouched. Proposed measures against future incidents include enhancing transaction verification, introducing SafeNet, a co-signing service, and using multiple Safe interfaces.
The Bybit hack highlighted ongoing security vulnerabilities within the crypto industry and the need for stricter measures to prevent such attacks. A push for greater transparency and adoption of new protection technologies is essential for ensuring user security.
